Vulnerability Reportredis:8.0.4-alpine

redis:8.0.4-alpine
DIGESTsha256:c33b0a1a99597b333dbf4ddb6be24630f74d7eaa9d6387a741b537ef8e482719

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. While it contains 18 exposed and 26 post-exploit only vulnerabilities, all are low severity (max 5.1) and none pose a practical risk. The two noted CVEs (CVE-2025-15467) affect OpenSSL's CMS parsing, which is not used by Redis in any normal workflow. No additional configurations or mitigations are required.

Vulnerabilities

Vulnerability Log

44 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-28388MEDIUM5.1
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM5.1
libssl3
3.3.5-r0
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.5-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r9
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.3.5-r0
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-68160MEDIUM4
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r9
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.3.5-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r9
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.3.5-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r9
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.3.5-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.3.5-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.3.5-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-15468LOW1.81
libcrypto3
3.3.5-r0
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2025-15468LOW1.81
libssl3
3.3.5-r0
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.37.0-r13
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r13
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r13
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-58251NONE0
busybox
1.37.0-r13
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r13
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r13
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.